6 months ago
Our Baserow instance serves files from https://db.filefast.cloud/media/. We also run apps on other subdomains that need to fetch these files. Because db.filefast.cloud doesn’t return the required CORS headers or handle OPTIONS preflight requests, browsers block cross-origin access. As a result, ZIP creation and streaming downloads fail for files stored on the db.filefast.cloud volume.
2 Replies
6 months ago
Hey there! We've found the following might help you get unblocked faster:
🧵 Seeking Assistance: CORS Issue Despite Proper Headers Configuration
🧵 Persistent CORS Issues and 502 Errors on Railway Deployment
If you find the answer from one of these, please let us know by solving the thread!
6 months ago
This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.
Status changed to Open brody • 6 months ago
6 months ago
Likely your CORS allowed variable is in your .env variables within railway. I only ran into CORS / .env issues a few times but it was more an issue with the code than it was say like something I would fix on railway.
Example:
// Middleware - More explicit CORS configuration
app.use(cors({
origin: function (origin, callback) {
const allowedOrigins = [
process.env.FRONTEND_URL || 'http://localhost:5173',
];
// Allow requests with no origin (like mobile apps, curl, etc.)
if (!origin) return callback(null, true);
if (allowedOrigins.indexOf(origin) !== -1) {
callback(null, true);
} else {
callback(new Error('Not allowed by CORS'));
}
},
credentials: true,
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],
optionsSuccessStatus: 204
}));